Basic auth not working

Help
1

I tried setting basic auth for everything under the route /reports where there are some csv files but it simply doesn’t work. The Caddyfile is like the one below:

0.0.0.0:2015
gzip
ext .html
log stdout
root /srv

header / {
    Access-Control-Allow-Origin *
    Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization"
    Access-Control-Allow-Methods "GET,PUT,POST,DELETE,PATCH,OPTIONS"
}

proxy /api/ prest:3000 {
    without /api
}

proxy /backend/ application:6000 {
    without /backend
}

proxy /auth/ auth:4000 {
    without /auth
}

proxy /publicapi/ publicapi:9000 {
    without /publicapi
}

basicauth user password {
    realm "csv reports"
    /home/www/reports
    /home/www/reports/test.txt
}

I’m using Caddy 0.11.0 on a Linux docker conteiner. Besides the syntax above, I tried the alternative one on the documentation: https://caddyserver.com/docs/basicauth

basicauth /reports username password

Is there something wrong on my configuration or it’s a bug on the software?

2

The paths in you specify in the basicauth directive are request paths, not filesystem paths. :wink: Change to /reports instead.

3

Seems to be working for me.

root@erasmus:~# caddy -version
Caddy 0.11.0 (non-commercial use only)

root@erasmus:~# caddy browse "basicauth /reports user pass" "log stdout"
Activating privacy features... done.
http://:2015
127.0.0.1 - - [18/Aug/2018:16:52:16 +1000] "HEAD /reports HTTP/1.1" 401 17

root@erasmus:/mnt/c/Windows/System32# curl -IL localhost:2015/reports
HTTP/1.1 401 Unauthorized
Content-Type: text/plain; charset=utf-8
Server: Caddy
Www-Authenticate: Basic realm="Restricted"
X-Content-Type-Options: nosniff
Date: Sat, 18 Aug 2018 06:52:16 GMT
Content-Length: 17
4

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.